CVE-1999-0997

wu-ftp - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0997. PoCs published by suid.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in FTP servers that support file conversion via external programs like tar. By uploading a maliciously crafted filename starting with a dash, an attacker can pass arbitrary arguments to the underlying program, leading to remote command execution.

Description

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Exploits (1)

exploitdb WORKING POC VERIFIED
by suid · textremoteunix
https://www.exploit-db.com/exploits/20563

This exploit leverages a command injection vulnerability in FTP servers that support file conversion via external programs like tar. By uploading a maliciously crafted filename starting with a dash, an attacker can pass arbitrary arguments to the underlying program, leading to remote command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: wu-ftpd 2.6.0(1) and other vulnerable FTP servers
Auth required
Prerequisites: FTP server with file conversion enabled · Write access to a directory · Ability to upload files
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2003/dsa-377

Scores

EPSS 0.0622
EPSS Percentile 92.6%

Details

Status published
Products (7)
millenux_gmbh/anonftp 2.8.1
redhat/linux 5.2
redhat/linux 6.0
redhat/linux 6.1
university_of_washington/wu-ftpd 2.4.2
university_of_washington/wu-ftpd 2.5.0
university_of_washington/wu-ftpd 2.6.0
Published Dec 20, 1999
Tracked Since Feb 18, 2026